<?php
    session_start();
    include 'db_connection.php';
    if ($_GET['act'] == 'logout') {
        $_SESSION['user_id']   = 0;
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $username = $_POST["username"];
        $pwd      = md5($_POST["password"]); 
        $sql      = "select id,username from admins where username='$username' and password='$pwd' and role='zyz';";
        $result   = mysqli_query($conn, $sql);//执行sql语句
        $row      = mysqli_num_rows($result);//返回值条目
        if (!$row) {
            die("<script>alert('账号不存在或密码错误');history.back();</script>");
        } else { 
            $info = $result->fetch_assoc();
            $_SESSION['user_id']   = $info['id'];
            die("<script>location='index.php'</script>");
        }           
    }
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>志愿者登录</title>
    <link rel="stylesheet" href="css/style.css">
</head>
<body>
    <div class="login">
        <h2>志愿者登录</h2>
        <form method="POST" action="login.php">
            <input name="username" placeholder="请输入用户名"/><br/>
            <input name="password" type="password" placeholder="请输入密码"/><br/>
            <button type="submit">登录</button>
        </form>
    </div>
</body>
</html>